Cybersecurity Resources

Policies

These resources are mandatory reading or viewing for anyone who works with DjaoDjin.

  • Regularly conduct audits of end-users, roles and associated permissions
  • Enforce MFA whenever possible. Prefer OTP when available.
  • Enforce strong password policies

See detailed Operational Guidelines.

Courses

For non-technical employees and contractors, Cyber Security Awareness Training for Employees is a good course.

The following are in-depth courses about specific cybersecurity topics. If you work for DjaoDjin and the materials are not freely accessible, please bring this to the attention of your manager. There is always a budget for education around cybersecurity topics.

Application-specific

If you are an Application developer at DjaoDjin, or are generally responsible for building business logic applications, you will want to read the following security-focused articles.

Client-side business logic
Server-side business logic

Operation-specific

If you are an Operations engineer at DjaoDjin, or are generally responsible for making sure machines are up and running, you will want to read the following security-focused articles.

On a website, nefarious automation typically includes:

  • content scraping
  • credential stuffing
  • application DDoS
  • web form abuse
  • token guessing

Behavioral patterns that can be linked to an IP address include (but are not limited to):

  • Total number of requests
  • Total number of pages visited
  • The time between page views
  • The sequence in which pages are visited
  • Types of resources loaded on pages

Read more on Fastly blog »

Timely articles

Random news and opinions around the Web worth reading.